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[57] ABSTRACT 

A method, apparatus, and article of manufacture for broad- 
casting encrypted software to a target computer enables 
simultaneous transmission to a plurality of licensed target 
computers. An encryption key is generated to encrypt a 
software package. T he encryption key is then itself 
enc rypted using a target computer laentiricatJon code., and 
the encrypted encryption key is loaded onto the targ et 
comput er. The encrypted software is broadcast, for example, 
via satellite, and received at the target computer. The target 
computer uses its identification code to decrypt the 
encrypted encryption key (i.e.. unlock the encryption key). 
Once the target computer unlocks the encryption key, it uses 
the encryption key to decrypt the software to be installed on 
the target computer. 

21 Claims, 4 Drawing Sheets 
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BROADCAST SOFTWARE DISTRIBUTION software is broadcast via satellite. The target computer 

obtains the encryption key by decrypting the encryption key 

BACKGROUND OF THE INVENTION using Us identification code. The encryption key is then used 

1 Field of the Invention t0 ( * ccr yi* software to enable the software to be installed 

s onto the target computer. 

This invention relates in general to broadcast distribution, 

and in particular, to broadcast software distribution using BRIEF DESCRIPTION OF THE DRAWINGS 
encryption key locking and unlocking procedures. 

2. Description of Related Ait R ^ rin « now to «•* in which like reference 

_ . . . , , numbers represent corresponding parts throughout: 

The software industry as a whole has experienced tre- 10 TTr _ , .,, , 

mendous growth in recent years. There isVcontinuous 1 illustrates an exemplary computer system cnvi- 

demand for new software products that address the needs in ronmcnt for usc m accordance with the present invention; 

new or changing industries. Moreover, software companies P 10 * 2 is a flow chart illustrating exemplary steps which 

routinely upgrade previously-released software products in 10 Program the computer system of FIG. 1, 

response to specific user needs and/or to provide a product 15 according to the present invention; 

in a more efficient manner FIG. 3 illustrates the packets of a compressed file that are 

Software companies have traditionally distributed its soft- transmitted to a target computer in a broadcast session, 

ware products through physical media such as tapes or according to the present invention; and 

diskettes, and. more recently, CD ROM. Companies store FIG. 4 is a flow chart illustrating exemplary steps, accord- 

their software on these physical media and ship them to 20 ing to the present invention* for verifying that software has 

customers for installation onto their home computers. been successfully transmitted in the system of FIG. 1. 

In distributing software by this method, however, various 
problems have been encountered. The cost of media 
duplication, shipping, and storage is quite high in many such 

applications. Moreover, the elimination of many types of 25 In the following detailed description of the drawings, 

such physical media has created unwanted environmental- reference is made to the accompanying drawings which 

waste concerns. In addition, this type of distribution form a part hereof, and in which is shown by way of 

involves unwanted delay associated with waiting for media illustration a specific embodiment in which the invention 

copies, packing, addressing, and shipping to obtain new may be practiced. It is to be understood that other erabodi- 

products or new versions of existing products. ments may be utilized and structural changes may be made 

An alternative method of distributing software is through without departing from the scope of the present invention, 
phone lines. Software distribution centers, having a host FIG. 1 illustrates an exemplary computer system envi- 
computer with a modem, transmit the software through ronmcnt that can be used in conjunction with the present 
phone lines to a customer* s computer in response to the 33 invention. Tlie exemplary environment includes a host cam- 
customer's order for particular software packages. puter 10 and an encryptor 12 at a Software Distribution 

This alternative form of distribution has also encountered Center (SDC). a satellite 14 for relaying transmitted 
problems. The number of customers who can receive a given software, a target computer 18. and peripheral computers 
transmission is limited by the physical capabilities of the 2&wi which are coupled to the target computer 18. As 
phone lines. If numerous customers order the same software ^ illustrated, the encryptor 12. which encrypts software pack- 
package, such as when a company distributes an upgraded ages loaded on the host computer 10. is separate from the 
version to existing subscribers, the software company must host computer 10. It is understood, however, that the encryp- 
repeatedly transmit the same software package until all its tor 12 can be configured to be part of the host computer 10. 
customers have received the product This approach is both in the exemplary computer environment of FIG. 1. the 
costly and time consuming. 43 target computer 18 contains a licensing software program 22 

Accordingly, there is a need for an improved method and and a receiver/installer software program 24. which are 

computer system for distributing software that overcomes typically embodied on one or more program storage devices, 

the above-mentioned deficiencies associated with prior tech- A customer is licensed or otherwise authorized to use the 

niques. The present invention provides a solution to these broadcast service of the present invention. With such 

and other problems, offering advantages over conventional 50 authorization, the customer receives the licensing program 

implementations. 22 and receiver/installer 24 program loads these programs 

citia#adv AnTim ____ AV1 onto the computer 18, thereby enabling receipt of software 

NUMMARY OF THE INVENTION transmitted in accordance with this invention. The licensing 

To overcome the limitations in the prior art described program 22 provides for the entry and tracking of strings for 

above, and to overcome other limitations that will become 55 all software products purchased. Hie licensing program 22 

apparent upon reading and understanding the present also generates the unique computer identifier, co de, (e.g.. 

specification, the present invention provides a unique computer ide ntification nu mber) for the compmer 10 that the 

method, apparatus, and article of manufacture for broadcast- installer Receiver prog anT24 runsr A^desmbed below, a 

ing encrypted software to a target computer. In one embodi- cu stonier r^o vjdes .this _ uniqu e *i de n tifi catio n • code_whenever 

meat of the present invention, an encryption key, which is «i iLplaccs.an ^order for a s oftware package. The installer/ 

unique to the particular software package, is used to encrypt receiver software program 24 enables the target computer 18 

the software package, and is then itself encrypted using the t0 receive software that is broadcasted, for example via 

unique identification code of the target computer. This key satellite 14. and to install the software onto the target 

is loaded onto the target computer, to lock the particular computer 18. The peripheral computers 2Qa-n also contain 

software package to the target computer. The software is 65 installer/receiver software. 

then broadcast from a send computer and received at the Hie host computer 10 in FIG. 1 contains a library of 

target computer. In a more particular implementation, the stored software packages that customers may order. For each 
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software package, an encry ption _ke y i s generated and the cated to the user in block 42. The software is broadcast as 
software^ package is encrypted using that encryption key. one compressed file via satellite. The bits of the file are 
The encrypted software is then compressed~and store<ras pushed out on the line in a manner similar, for example, to 
one packet in a single compressed file. The compressed file transmission over TCP/IP or modem, 
also includes a packet which identifies the particular soft- 5 Block 46 represents the target computer receiving the 
ware product included in the file. As described in more detail software that is broadcast via satellite. At the time specified 
below in connection with FIGS. 3 and 4, each compressed fox transmission, users "tune in" with their receivers to the 
file further includes a checksum packet which is generated specified frequency or channel. As an option, the receiver 
at the time the software package is encrypted and could be set up to look for and download a specific list of 
compressed* enabling the target computer 18 to determine 10 ordered products, or specific versions of a product For 
whether a software package is transmitted without error. A example, a user may want to always download nev^yersions^ 
transmitting program on the host computer If contains 0 f rjoducW; that: were akea<^ 

information regarding the time at which each software always bits~thTiatcs^ ^ 

package will be transmitted. The transmission and encrypt iHbck^ repSese^^^ 

tion of software are performed using techniques well-known 15 SUC0C8S ft,i # jf the transmission is not successful, then the 
in the art SDC provides the u ser with the relevant information regard- 

Referring now to FIG. 2, a flow chart is illustrated m ^ the next broadcast of the software. The target computer 
detailing the steps which may be used to program the \$ then waits unul that time that the software is retransmit- 
computer system of FIG. 1, with the host computer 10 ted and subsequently receives the software as described in 
transmitting a software package to a target computer 18 *° connection with block 46. If the transmission is successful 
through a broadcast medium, according to the present inven- then, as represented in block S Q^the target computer 
tion. Block 30 represents installation of a licensing program _decrypte.tpe.encrYPted encryption key using its iden tifica- 
and receiver/installer program on the target computer 18. As tion -code. Once this is performed, the target computer 
explained above, only users having mis software on their decr ypts the lofrware"using*'the "encryption"key-specific to 

computer receive software according to this invention; the 25 the software product — * — - 

encrypted software that is transmitted via satellite is other- "The decr^tioToTthe software, represented in block 52, 
wise unusable. at the target computer 18 occurs as follows. The licensing 

Bl ocks 3 2,andJ4.re present the tar g et computer 18 calling program 22 generates the identification code of the target 
the SDC to order a particular softwar e,package. When the computer 18 which, in turn, is transmitted to the receiver/ 
customer orders the software, the customer selects an option installer program on the target computer 18. In the 
provided by the licensing program 22. which producesjtfie . a Mm^\ ivr .thr-ira-.i vrr/i ngt al 1 cr PX flgtamjt self generates the 
iden tification code of the tar g et com puter^l8. A customer identificationcode.JThe receiver/installer progr*m-14on the 
gives his identification code to the operator receiving the ^Target^^mputcr-l^ to 
software order at the SDC 3 ~decrypTthe encrypted on^i^on kcy.-^e^cryption key in 

Block 36 represents the SDC encrypting the encryption tiirn cnables-mTtarget computcrT8 to decrypt (i.e.. unlock) 
key specific to the ordered software packag e. When the.SDCL. the transmitted software. This process occurs virtually 
r eceives th e identification number of the t arget computer 1 8, simultaneously, thereby making it extremely difficult to 
it produces a new key (e.g.. an ASCU string) by encrypting identify the encryption key during the process. 
theTorrware v^r^ ^^^^^ ^^^^^mi^ ^sP ^ Consequently, only the target computer 18 can decrypt the 
ag eUsing the identificatiOD'co de^of the target computeT1 8: software. 

The purpose of the new key (L771m~e~encjypted encryption Block 54 represents determining whether there are other 
key) is to lock a particular computer (e.g.. the computer with peripheral computers to receive the software. If there are no 
the identification code used to encrypt the encryption key) to peripheral computers, the target computer 18. as represented 
a particular software package. Instead of allowing any 45 in blocks 56 and 58. decompresses and installs the software 
computer having the encryption key to listen to the broad- onto the target computer 18. Specifically, the installer/ 
cast and obtain software illegally, o nly the tar g et com puter receiver program 24 invokes a routine to decrypt and 
18 whos e identification code is used to encrypt Se software" decompress the temporary data file. This part of the instal- 
enc ryption key, accesses the transmittSi'sbftwareTAs rep- lation copies files to the file destination with the appropriate 
resented in block 38. the Sia; proviaes the new key to the x permissions and ownership on the target computer 18. 
target computer 18. The SDC provides this string to the Moreover, it kicks off any installation scripts required to 
target computer 18, for example, via fax or e-mail. complete the installation, configuration, or tuning specific 

Block 40 represents the user ofjbc-target computer 18 for the application installed, 
e ntering the en^y^tcd-caeiytgion key (Lc.. new key) onto As depicted in blocks 60, 62 and 64. if there are other 
the target computer 18 . The uistaUer7receiver program on the 55 peripheral computers connected to the target computer 18, 
target computer 18 provides a user interface requesting the then the target computer 18 distributes the software to the 
user to insert the new key provided by the SD C. The target peripheral computers 20a-n which in turn decompress and 
c omputer 18 then stores this key. install the software. As mentioned previously, each of the 

Block 42 represents the SDC providing to the user of the peripheral computers 20kwj has a receiver/installer software 
target computer 18 the time and channel/frequency that the go product to enable the decompression and installation of die 
ordered software will be broadcast Software products are software. 

broadcast from the SDC, for example, during scheduled Referring to FIG. 3, a compressed file for a software 
timeslots. Preferably, popular products are broadcast at package is illustrated, having multiple packets. The corn- 
regular intervals, while relatively uncommon software prod- pressed file, generally designated 70. includes a header 72, 
ucts are periodically scheduled at the request of a user. & a compressed installable file packet 80, a checksum packet 
Block 44 represents transmission of the software from the 82. and an end-product broadcast packet 84. The header 72 
SDC at the time and channel/frequency that was communi- includes a begin product broadcast packet 74, a product 
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identification packet 76 and a version packet 78. The begin 
product broadcast packet 74 signals the beginning of the 
transmission of a new software product The product iden- 
tification packet 76 identifies the software product that is 
transmirtedJMg sion packet 78 identifies the particular yct- 
sioggfthe software product that is transmitted. VoTexj^npl e. 
theversiop packet 78 notifies u ^er3-w^n^a,s orTware^ oduct 
upgrade is being transmitted. Other identifying information 
cotrWaTso be included as part of the header 72. For example, 
there could be a vendor header packet to enable a target 
computer to monitor for all software products that a par- 
ticular vendor offers. 

Packet 80 in the compressed file contains the compressed 
installable file. This includes the compressed software and 
the configuration scripts. 

Packet 82 is the checksum packet As described in more 
detail below with the respect to FIG. 4. the checksum packet 
82 enables the user at the target computer 18 to verify that 
the transmission is successful. The end product broadcast 
packet 84 notifies the target computer that the transmission 
is complete. 

Referring now to FIG. 4, a flow chart illustrates the steps 
for verifying that the software is successfully transmitted. 
Block 9# represents the transmission of the compressed 
software contained in the compressed installable file packet 
80. Block 92 represents transmission of the checksum 
packet 82. The checksum packet 82 is generated at the SDC 
when the software product is initially compressed and stored 
at the send computer. Based on the contents of the file 
received at the target computer 18* an algorithm contained in 
the receiver/installer program 24 generates a code or number 
based on the compressed file received at the target computer 
18. This number, which is generated using the same algo- 
rithm that generates the checksum when the software is 
compressed is compared to the checksum packet 82. If the 
transmission has been successful, the two numbers are the 
same. At block 94 of FIG. 4. it is detexinincd whether the 
transmission is successful by matching the checksum packet 
82 with the code generated by the file copied to the target 
computer 18. If the codes are the same, the target computer 
18. as depicted in block 96. decrypts and decompresses the 
software and installs it on the target computer 18 or distrib- 
utes it to other peripheral computers for decompression and 
installation. If the checksum packet 82 does not match the 
file that was received from the host computer 10. then the 
target computer 18 deletes the file and waits for retransmis- 
sion of the software product. 

Unlike the prior art which provides transmission through 
phone lines, the present invention is not limited in the 
number of customers who can receive a given transmission. 
Each customer who orders a particular software product 
receives the software from the same broadcast Therefore, 
theoretically a single broadcast transmits to an unlimited 
amount of users. 

The foregoing description of the preferred embodiment of 
the invention has been presented for the purposes of illus- 
tration and description. It is not intended to be exhaustive or 
to limit the invention to the precise form disclosed. Many 
modifications and variations are possible without departing 
from the scope of the invention as defined by the claims 
appended hereto. 

What is claimed is: 

1. A method of distributing software encrypted by a 
software encryption key to a target computer, comprising the 
steps of: 

receiving a number unique to the target computer; 
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encrypting the software encryption key using the number 
unique to the target computer unique number; 

transrnirting the encrypted software encryption key to the 
target computer; 

communicating a timeslot and channel for broadcasting 
the encrypted software to the target computer; and 

broadcasting a message at the communicated timeslot and 
channel, the message comprising the encrypted soft- 
ware. 

2. The method of claim 1. wherein the broadcast timeslot 
is periodically scheduled according to a user request. 

3. The method of claim 1. wherein the transmission 
timeslot is regularly scheduled. 

4. The method of claim 1. wherein: 

the message further comprises a version packet notifying 
the target computer that an upgraded version of the 
software is being transmitted and enabling the target 
computer to download upgraded versions of software 
already installed on the target computer, and 

the method further comprises the step of decrypting the 
software using the target computer unique number 
when the version indicator indicates that an upgraded 
version of software already installed oo the target 
computer is being broadcast 

5. The method of claim 1. wherein: 

the message further comprises a vendor header packet 
enabling the target computer to monitor broadcasts for 
software products offered by a vendor. 

6. The method of claim 1. further comprising the steps of: 
decrypting the software in the target computer using the 

target computer unique number; 
determining if there are peripheral computers coupled to 
the target computer to receive the decrypted software; 
and 

distributing the decrypted software to the peripheral com- 
puters when there are peripheral computers coupled to 
the target computer to receive the decrypted software. 

7. The method of claim 1. wherein the message further 
comprises a checksum packet for determining if the target 
computer received the encrypted software without error, and 
the method further comprises the steps of: 

receiving the checksum packet in the target computer; 

processing the checksum packet in the target computer to 
determine if the encrypted software was received with- 
out error, 

providing the target computer information regarding a 
next broadcast of the software when the encrypted 
software was not received without error; and 

waiting for retransmission of the encrypted software. 

8. An apparatus for distributing software encrypted by a 
software encryption key to a target computer, comprising: 

means for receiving a number unique to the target com- 
puter, 

means for encrypting the software encryption key using 
the number unique to the target computer unique num- 
ber, 

means for transmitting the encrypted software encryption 
key to the target computer; 

means for communicating a timeslot and channel for 
broadcasting the encrypted software to the target com- 
puter; and 

means for broadcasting a message at the communicated 
timeslot and channel, the message comprising the 
encrypted software. 



03/13/2004, EAST Version: 1.4.1 



5,894,516 



8 



IS 



20 



25 



9. The apparatus of claim 8. wherein the means fox 
providing a timeslot and channel fox broadcasting the 
encrypted software to the target computer comprises means 
for periodically scheduling the timeslot according to a user 
request 5 

10. The apparatus of claim 8, wherein the means for 
providing a timeslot and channel fox broadcasting the 
encrypted software to the target computer comprises means 
for regularly scheduling the transmission time. 

11. Hie apparatus of claim 8, wherein: to 
the message further comprises a version packet notifying 

the target computer that an upgraded version of the 
software is being transmitted and enabling the target 
computer to download upgraded versions of software 
already installed on the target computer; and 
the apparatus further comprises means for decrypting the 
software using the target computer unique number 
when the version indicator indicates that an upgraded 
version of software already installed on the target 
computer is being broadcast. 

12. The apparatus of claim 8.wberein the message further 
comprises a vendor header packet enabling the target com- 
puter to monitor broadcasts for software products offered by 
a vendor. 

13. The apparatus of claim 8. further comprising: 
means for decrypting the software in the target computer 

using the target computer unique number, 
means for determining if there are peripheral computers 
coupled to the target computer to receive the decrypted 30 
software; and 

means for distributing the decrypted software to the 
peripheral computers when there are peripheral com- 
puters coupled to the target computer to receive the 
decrypted software. 35 

14. Hie apparatus of claim 8, wherein the message further 
comprises a checksum packet for determining if the target 
computer received the encrypted software without error, and 
the apparatus further comprises: 

means for receiving the checksum packet in the target 40 
computer; 

means for processing the checksum packet in the target 
computer to determine if the encrypted software was 
received without error, 

providing the target computer information regarding a 
next broadcast of the software when the encrypted 
software was not received without error, and 

waiting for retransmission of the encrypted software. 

15. A program storage device, readable by computer, 50 
tangibly embodying one or more programs of instructions 
executable by the computer to perform method steps of 
distributing software encrypted by a software encryption key 

to a target computer* the method steps comprising the steps 
of: 55 

receiving a number unique to the target computer; 

encrypting the software encryption key using the number 
unique to the target computer unique number; 



AS 



transmitting the encrypted software encryption key to the 
target computer; 

communicating a timeslot and channel fox broadcasting 
the encrypted software to the target computer; and 

broadcasting a message at the communicated timeslot and 
channel, the message comprising the encrypted soft- 
ware. 

16. The program storage device of claim 15. wherein the 
broadcast timeslot is periodically scheduled according to a 
user request 

17. The program storage device of claim 15. wherein the 
transmission timeslot is regularly scheduled. 

18. The program storage device of claim 15, wherein: 
the message further comprises a version packet notifying 

the target computer that an upgraded version of the 
software is being transmitted and enabling the target 
computer to download upgraded versions of software 
already installed on the target computer; and 
the method steps further comprises the method step of 
decrypting the software using the target computer 
unique number when the version indicator indicates 
that an upgraded version of software already installed 
on the target computer is being broadcast 

19. The program storage device of claim 15. wherein: 
the message further comprises a vendor header packet 

enabling the target computer to monitor broadcasts for 
software products offered by a vendor. 

20. The program storage device of claim 15. wherein the 
method steps further comprise the method steps of: 

decrypting the software in the target computer using the 

target computer unique number; 
determining if mere are peripheral computers coupled to 

the target computer to receive the decrypted software; 

and 

distributing the decrypted software to the peripheral com- 
puters when there are peripheral computers coupled to 
the target computer to receive the decrypted software. 

21. The program storage device of claim 15, wherein the 
message further comprises a checksum packet for determin- 
ing if the target computer received the encrypted software 
without error, and the method steps further comprise the 
method steps of: 

receiving the checksum packet in the target computer; 

processing the checksum packet in the target computer to 
determine if the encrypted software was received with- 
out error, 

providing the target computer information regarding a 
next broadcast of the software when the encrypted 
software was not received without error, and 

waiting for retransmission of the encrypted software. 
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